V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsDocs
Back to catalog
BDU:2023-07453
BDU
Critical

Уязвимость веб-сервера Atlassian Confluence Server и дата центра Confluence Data Center связана с недостатками процедуры авторизации. Экспл…

CVSS
9.1
Critical
EPSS
0.00
p0
Published
2023-01-01
Updated
2023-01-01
Description

Уязвимость веб-сервера Atlassian Confluence Server и дата центра Confluence Data Center связана с недостатками процедуры авторизации. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, повысить свои привилегии

Tags · CWE
Pre-auth
Affected products
Atlassian Confluence serverAtlassian Confluence serverAtlassian Confluence serverAtlassian Confluence serverAtlassian Confluence serverAtlassian Jira data centerAtlassian Jira data centerAtlassian Jira data centerAtlassian Jira data centerAtlassian Jira data center
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Timeline
2023-01-01
Published
2023-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: N
None (N)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.000 · p0
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected software
ProductVendorStatus
confluence serveratlassianTracked
confluence serveratlassianTracked
confluence serveratlassianTracked
confluence serveratlassianTracked
confluence serveratlassianTracked
jira data centeratlassianTracked
jira data centeratlassianTracked
jira data centeratlassianTracked
jira data centeratlassianTracked
jira data centeratlassianTracked
Source databases
BDU
Related vulnerabilities
CVE-2023-22518